There are a lot of products promising to solve everything if you just use the product. If it was that easy, security would not be that big of a topic.
While some products have good uses, they are usually not enough. An attacker only needs to find one weak point.
No tool will help before the following questions have been answered:
Which are our important and valuable assets?
Who are potential and realistic attackers?
How much money would we lose if X would happen? What would we do?
How much trouble are we willing to bear?
How much effort are we ready to invest to secure an asset?
How do we react to incidents known to our customer?
What is our strategy if an incident happens? (You need to react fast)
How do we detect and document incidents?
What know-how do we have internally and what do we need from outside?
Unfortunately, we can read currently about incidents where businesses underestimated security.
Producing an “unhackable” or fully secure device is an illusion. There will always be an assessment and decision about the balance between security, investment and usability. Security, then, must be part of your business. The know-how needs to become internal.
If it does not, there is a high risk that the next project – or even an update of the current one – will have to start from scratch. I would like to collaborate with your staff to develop actions and help set them in place. After a risk and threat analysis, external tools can really help, e.g. to secure a connection or to detect intrusion (IDS) or to secure the licenses or to train your people or.... Get in touch. We’d love to help you determine and take the next step.